EditWitness Server Configuration
Attention
The XRPL EVM compatible sidechain implementation is a proof of concept extension to the XRP Ledger protocol and is for development purposes only. There is no official amendment currently and it is not available on the production Mainnet. The EVM compatible sidechain bridge is connected to the XRP Ledger Devnet. Do not send transactions in Mainnet.
Before running a witness server, you must create a YAML configuration file. Some fields can be configured through environment variables; in the case of conficts, the environment variable is used instead of the YAML key.
| Key | Description | Example | ENV Key |
|---|---|---|---|
| server | All the server generic configuration. | ||
| server.queue_period | The amount of seconds to wait before fetching for new events. | 5 |
SERVERQUEUEPERIOD |
| server.logging_level | The log level of the server. Can be: debug, info, warn, or error. |
info |
SERVERLOGGINGLEVEL |
| server.logfilepath | The file path to store the server logs. | ./logs/log.txt |
SERVERLOGFILE_PATH |
| server.validate_bridge | If the server must run a config validation before starting. | true |
SERVERVALIDATEBRIDGE |
| xrp | XRPL side related configuration. | ||
| xrp.node | XRPL node to connect with. | "wss://sidechain-net1.devnet.rippletest.net" |
XRP_NODE |
| xrp.bridge_address | The address of the bridge on the XRPL side. | "rs99jCuSAjrXzdebKm1AgpErz9M2FwHQCE" |
XRPBRIDGEADDRESS |
| xrp.starting_block | The block that the server will start listening for attestations. If not declared, server will start listening on the latest block. | 1 |
XRPSTARTINGBLOCK |
| xrp.signerlistseconds | The amount that pass before checking if the witness server is in the signer list. | 300 |
XRPSIGNERLIST_SECONDS |
| xrp.signer | XRPL signer related configuration. | ||
| evm | EVM related configuration. | ||
| evm.node | EVM node to connect with. | "https://rpc-evm-sidechain.xrpl.org" |
EVM_NODE |
| evm.bridge_address | The address of the bridge on the EVM side. | "0x4C5033DB823538d398e84Bf65fAdEbA0b4d71599" |
EVMBRIDGEADDRESS |
| evm.starting_block | The block that the server will start listening for attestations. If not declared, server will start listening on the latest block. | 1 |
EVMSTARTINGBLOCK |
| evm.signerlistseconds | The amount that pass before checking if the witness server is in the signer list. | 300 |
EVMSIGNERLIST_SECONDS |
| evm.signer | EVM signer related configuration. |
Signer Types
In order to give the node operator flexibility, there are two types of signers that can be configured. Each one has different configuration options.
Local Signer
This is the most simple signer. The witness operator holds the private key and configures the signer using these parameters:
| Key | Description | Example | ENV Key |
|---|---|---|---|
| xrp.signer.type evm.signer.type |
To configure a local signer , this value must be local. |
"local" |
XRPSIGNERTYPE EVMSIGNERTYPE |
| xrp.signer.spec evm.signer.spec |
Local signer related configuration. | ||
| xrp.signer.spec.privatekey evm.signer.spec.privatekey |
The private key of the local signer. If the local signer is on an XRPL chain, the private key must be in hexadecimal format. | "****" |
XRPSIGNERPRIVATEKEY EVMSIGNERPRIVATEKEY |
AWS Signer
This signer type uses the AWS KMS systems to store its private key. The private key is under AWS custody and never leaves their system, making the signing process more secure. You can configure the witness server for AWS, using these parameters:
| Key | Description | Example | ENV Key |
|---|---|---|---|
| xrp.signer.type evm.signer.type |
To configure an AWS signer, this value must be aws. |
"aws" |
|
| xrp.signer.type evm.signer.type |
AWS signer related configuration. | ||
| xrp.signer.spec.region evm.signer.spec.region |
The AWS region where the KMS key is stored. | "eu-west-1" |
XRPSIGNERAWSREGION EVMSIGNERAWSREGION |
| xrp.signer.spec.accesskey evm.signer.spec.accesskey |
An AWS access key with read access to the KMS key. | "fake-access-key" |
AWSACCESSKEY |
| xrp.signer.spec.secretkey evm.signer.spec.secretkey |
An AWS secret key with read access to the KMS key. | "fake-secret-key" |
AWSSECRETKEY |
| xrp.signer.spec.keyid evm.signer.spec.keyid |
The AWS KMS key id. | "fake-key-id" |
XRPSIGNERKMSKEYID EVMSIGNERKMSKEYID |
Example Configuration File
server:
queue_period: 5
logging_level: info
log_file_path: ./logs/log.txt
validate_bridge: true
xrp:
node: "wss://sidechain-net1.devnet.rippletest.net"
bridge_address: "rs99jCuSAjrXzdebKm1AgpErz9M2FwHQCE"
starting_block: 1
signer_list_seconds: 300
signer:
type: "aws"
spec:
region: "eu-west-1"
access_key: "fake-access-key"
secret_key: "fake-secret-key"
key_id: "fake-key-id"
evm:
node: "https://rpc-evm-sidechain.xrpl.org"
bridge_address: "0x4C5033DB823538d398e84Bf65fAdEbA0b4d71599"
starting_block: 1
signer_list_seconds: 300
signer:
type: "local"
spec:
private_key: "****"